Security News

SecurityScorecard released a report earlier this month that looked through the overall cybersecurity posture of all 56 US states and territories leading up to the presidential election. The study found that 75% of all states and territories had IT infrastructures that are vulnerable to a variety of cyberattacks.

The magnitude of extreme weather events - and their prevalence in areas that have not previously been prone to them - will create havoc for organizations that have not prepared for their impact. Extreme weather events have frightening consequences for people's lives and have the potential to degrade or destroy critical infrastructure.

Azure Defender for IoT - Microsoft's new security solution for discovering unmanaged IoT/OT assets and IoT/OT vulnerabilities - is now in public preview and can be put to the test free of charge. About Azure Defender for IoT. "As industrial and critical infrastructure organizations implement digital transformation, the number of networked IoT and Operational Technology devices has greatly proliferated. Many of these devices lack visibility by IT teams and are often unpatched and misconfigured, making them soft targets for adversaries looking to pivot deeper into corporate networks," Phil Neray, Director of Azure IoT Security Strategy at Microsoft, explained.

75% of all 56 U.S. states and territories leading up to the presidential election, showed signs of a vulnerable IT infrastructure, a SecurityScorecard report reveals. Since most state websites offer access to voter and election information, these findings may indicate unforeseen issues leading up to, and following, the US election.

The new investment will support Accurics' market momentum and help the company continue to develop technology that self-heals cloud native infrastructure by codifying security throughout the development lifecycle. The core security issue with cloud native infrastructure is that it's programmatically built and provisioned using Infrastructure as Code; the manual approaches to security currently in place can't keep pace with the high velocity of change.

Online infrastructure security solutions provider Cyberpion on Tuesday emerged from stealth mode after raising $8.25 million in seed funding. Aiming to help organizations gain visibility into and secure their online ecosystem, the Tel Aviv, Israel-based cybersecurity startup provides security teams with a platform that they can leverage to identify and neutralize the risks posed by vulnerabilities in their online assets.

Microsoft on Monday revealed that it worked together with industry partners to shut down the infrastructure used by TrickBot operators and block efforts to revive the botnet. The Washington Post reported last week that the U.S. Cyber Command too attempted to hack TrickBot's C&C servers, in an attempt to take the botnet down to prevent attacks seeking to disrupt the U.S. presidential elections.

"We disrupted Trickbot through a court order we obtained as well as technical action we executed in partnership with telecommunications providers around the world. We have now cut off key infrastructure so those operating Trickbot will no longer be able to initiate new infections or activate ransomware already dropped into computer systems," shared Tom Burt, corporate VP, Customer Security and Trust, Microsoft. "In recent times, Trickbot has been implicated in targeted ransomware attacks, where credentials stolen by the malware were used by the Ryuk ransomware operators to compromise victims' networks and encrypt all accessible computers. This assessment has been confirmed by Europol, which recently noted that 'the relationship between Emotet , Ryuk and Trickbot is considered one of the most notable in the cybercrime world'," Symantec researchers noted.

A team of vulnerability spotters have netted themselves a six-figure payout from Apple after discovering dozens security holes in the Cupertino giant's computer systems, some of which could have been exploited to steal iOS source code, and more. Curry said the group decided to target Apple's public-facing networks in July, a few weeks after seeing the story of Bhavuk Jain, who earned $100,000 for finding a bug in Apple's customer sign-in system.

Vendor revenue from sales of IT infrastructure products for cloud environments, including public and private cloud, increased 34.4% year over year in the second quarter of 2020, according to IDC. Investments in traditional, non-cloud, IT infrastructure declined 8.7% year over year in 2Q20. These growth rates show the market response to major adjustments in business, educational, and societal activities caused by the COVID-19 pandemic and the role IT infrastructure plays in these adjustments. Spending on public cloud IT infrastructure increased 47.8% year over year in 2Q20, reaching $14.1 billion and exceeding the level of spend on non-cloud IT infrastructure for the first time.